feat(platform): add identity expansion visibility #29
💡 Codex Review
hawkinsoperations-platform/scripts/ho_factory.py
Lines 2212 to 2213 in d12ba57
plan --detection all is now documented and partially implemented to emit bounded DEPENDENCY_SURFACES_MISSING packets for identity detections, but this guard still only catches ID-DET-001. In mixed-revision repo roots where ID-DET-002/003/004 validation surfaces are absent, build_packet raises DependencySurfacesMissing and this branch re-raises, aborting the entire all-plan output instead of returning a bounded packet. This breaks the newly added identity expansion workflow and contradicts the behavior described in docs/factory/DETECTION_FACTORY_CONTROLLER_V0.md.
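The failure mode in the review comment above, as an added sketch that is not part of the PR or of scripts/ho_factory.py. Only build_packet, DependencySurfacesMissing, DEPENDENCY_SURFACES_MISSING and the ID-DET-00x ids come from the page; plan_all, bounded_ids, MIXED_ROOT, the packet fields and the PLANNED value are assumptions.

```python
# Added illustration; not code from scripts/ho_factory.py. plan_all, bounded_ids,
# MIXED_ROOT, the packet fields and the PLANNED value are hypothetical.

IDENTITY_DETECTIONS = ("ID-DET-001", "ID-DET-002", "ID-DET-003", "ID-DET-004")
MIXED_ROOT = {"ID-DET-001"}  # constructed: surfaces present for ID-DET-001 only


class DependencySurfacesMissing(Exception):
    """Raised when a detection's validation surfaces are absent from the repo root."""


def build_packet(detection_id, present_surfaces):
    # Stand-in builder: fails when the repo root lacks this detection's surfaces.
    if detection_id not in present_surfaces:
        raise DependencySurfacesMissing(detection_id)
    return {"detection": detection_id, "status": "PLANNED"}


def plan_all(present_surfaces, bounded_ids):
    """Plan every identity detection; degrade to a bounded packet for bounded_ids."""
    packets = []
    for detection_id in IDENTITY_DETECTIONS:
        try:
            packets.append(build_packet(detection_id, present_surfaces))
        except DependencySurfacesMissing:
            if detection_id not in bounded_ids:
                raise  # unguarded id: one missing surface aborts the whole plan
            packets.append({
                "detection": detection_id,
                "status": "DEPENDENCY_SURFACES_MISSING",
            })
    return packets


if __name__ == "__main__":
    # Guard widened to every identity detection: four packets, three bounded.
    for packet in plan_all(MIXED_ROOT, set(IDENTITY_DETECTIONS)):
        print(packet)
    # Guard limited to ID-DET-001: ID-DET-002 aborts the whole run.
    try:
        plan_all(MIXED_ROOT, {"ID-DET-001"})
    except DependencySurfacesMissing as exc:
        print("plan aborted on", exc)
```
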
Summary
Adds platform-side status and plan visibility for ID-DET-002, ID-DET-003, and ID-DET-004 after hawkinsoperations-validation PR #46 merged.
This extends the existing Detection Factory Controller v0 convention rather than creating a new framework.
Upstream validation reference
- HawkinsOperations/hawkinsoperations-validation
- d9d1c7e5f8aca6f72417964aa3fefae9531618ff
Changed files
- scripts/ho_factory.py
- docs/factory/DETECTION_FACTORY_CONTROLLER_V0.md
- contracts/schemas/detection-factory-controller-v0.schema.json
- contracts/README.md
Validation
- python -B -m py_compile scripts\ho_factory.py
- python -B scripts\ho_factory.py status --detection ID-DET-002 --repo-root C:\Raylee\Repo\HawkinsOperations --format json
- python -B scripts\ho_factory.py status --detection ID-DET-003 --repo-root C:\Raylee\Repo\HawkinsOperations --format json
- python -B scripts\ho_factory.py status --detection ID-DET-004 --repo-root C:\Raylee\Repo\HawkinsOperations --format json
- python -B scripts\ho_factory.py plan --detection ID-DET-002 --repo-root C:\Raylee\Repo\HawkinsOperations --format json
- python -B scripts\ho_factory.py plan --detection ID-DET-003 --repo-root C:\Raylee\Repo\HawkinsOperations --format json
- python -B scripts\ho_factory.py plan --detection ID-DET-004 --repo-root C:\Raylee\Repo\HawkinsOperations --format json
- python -B scripts\ho_factory.py plan --detection all --repo-root C:\Raylee\Repo\HawkinsOperations --format json
- python -B scripts\ho_factory.py self-test-id-det-001-missing-surfaces --format json
- python -B scripts\verify-soar-case-packet-v0.py
- python -B scripts\verify_local_gpu_triage.py contracts\examples\local-gpu-triage-support-v0.sample.json --self-test
- python -B -m json.tool contracts\schemas\detection-factory-controller-v0.schema.json
- git diff --check
Claim boundary
This PR adds platform visibility only. It does not claim source repo state for ID-DET-002/003/004, proof promotion, runtime proof, signal proof, public-safe status, production identity coverage, live IdP proof, live SIEM/NDR proof, autonomous SOC operation, AI-approved disposition, or analyst-approved disposition.
Proof ceiling remains CONTROLLED_TEST_VALIDATED for the validation-backed platform view.
Notes
The direct status/plan packets report:
- source_status: NOT_INSPECTED_IN_THIS_PLATFORM_WINDOW
- validation_status: CONTROLLED_TEST_VALIDATED
- runtime_status: NOT_PROVEN
- signal_status: NOT_PROVEN
- evidence_status: NOT_CAPTURED
- public_safe_status: NOT_PUBLIC_SAFE
- human_review_required: true